ModSecurity is a plugin for Apache web servers which functions as a web application layer firewall. It's used to prevent attacks against script-driven sites by using security rules that contain particular expressions. That way, the firewall can stop hacking and spamming attempts and protect even websites that aren't updated frequently. For instance, a number of failed login attempts to a script administrative area or attempts to execute a certain file with the intention to get access to the script will trigger certain rules, so ModSecurity shall block these activities the minute it detects them. The firewall is extremely efficient as it monitors the whole HTTP traffic to a site in real time without slowing it down, so it can easily prevent an attack before any damage is done. It additionally maintains a very comprehensive log of all attack attempts that includes more info than conventional Apache logs, so you can later analyze the data and take extra measures to improve the security of your sites if necessary.

ModSecurity in Website Hosting

ModSecurity comes standard with all website hosting plans that we supply and it shall be activated automatically for any domain or subdomain that you add/create inside your Hepsia hosting CP. The firewall has 3 different modes, so you can switch on and deactivate it with only a mouse click or set it to detection mode, so it'll keep a log of all attacks, but it shall not do anything to prevent them. The log for any of your websites will include in-depth information which includes the nature of the attack, where it came from, what action was taken by ModSecurity, etcetera. The firewall rules that we use are regularly updated and comprise of both commercial ones that we get from a third-party security business and custom ones which our system admins include in the event that they detect a new sort of attacks. That way, the sites which you host here will be far more secure without any action needed on your end.

ModSecurity in Semi-dedicated Hosting

We have included ModSecurity by default within all semi-dedicated hosting packages, so your web apps shall be protected the instant you set them up under any domain or subdomain. The Hepsia Control Panel that comes with the semi-dedicated accounts shall permit you to enable or turn off the firewall for any Internet site with a mouse click. You will also have the ability to turn on a passive detection mode with which ModSecurity shall keep a log of potential attacks without really stopping them. The detailed logs include things like the nature of the attack and what ModSecurity response that attack initiated, where it originated from, and so forth. The list of rules we use is frequently updated as to match any new risks which could appear on the Internet and it consists of both commercial rules that we get from a security firm and custom-written ones which our admins include if they discover a threat that's not present within the commercial list yet.

ModSecurity in VPS

ModSecurity is pre-installed on all virtual private servers which are set up with the Hepsia hosting Control Panel, so your web programs will be secured from the moment your server is in a position. The firewall is switched on by default for any domain or subdomain on the Virtual Private Server, but if needed, you'll be able to disable it with a mouse click through the corresponding section of Hepsia. You can also set it to function in detection mode, so it shall keep a comprehensive log of any possible attacks without taking any action to prevent them. The logs can be found in the very same section and include details about the nature of the attack, what IP address it came from and what ModSecurity rule was triggered to stop it. For maximum security, we employ not only commercial rules from a business working in the field of web security, but also custom ones our administrators add personally so as to respond to new risks which are still not addressed in the commercial rules.

ModSecurity in Dedicated Hosting

If you decide to host your Internet sites on a dedicated server with the Hepsia Control Panel, your web applications shall be protected right from the start as ModSecurity is available with all Hepsia-based packages. You'll be able to manage the firewall with ease and if needed, you will be able to turn it off or activate its passive mode when it will only maintain a log of what is happening without taking any action to prevent possible attacks. The logs which you can find in the same section of the CP are extremely detailed and contain info about the attacker IP address, what website and file were attacked and in what way, what rule the firewall used to stop the intrusion, and so forth. This info will allow you to take measures and boost the security of your sites even more. To be on the safe side, we use not just commercial rules, but also custom-made ones that our administrators add whenever they detect attacks which have not yet been included inside the commercial pack.